Statements (19)
Predicate | Object |
---|---|
gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
gptkbp:category |
Security Weakness
|
gptkbp:cause |
Phishing
Malware Distribution Credential Theft |
gptkbp:describedBy |
gptkb:MITRE_CWE
|
gptkbp:example |
A web application that redirects users to a URL specified by a request parameter without validation
|
gptkbp:externalLink |
https://cwe.mitre.org/data/definitions/601.html
|
gptkbp:foundIn |
Web Applications
|
gptkbp:hasIdol |
601
|
https://www.w3.org/2000/01/rdf-schema#label |
CWE-601
|
gptkbp:mitigatedBy |
Avoid using user input directly in redirect URLs
Validate and sanitize all user-supplied input used for redirects |
gptkbp:name |
URL Redirection to Untrusted Site ('Open Redirect')
|
gptkbp:partOf |
CWE Top 25 (varies by year)
|
gptkbp:relatedTo |
Open Redirect
|
gptkbp:status |
Active
|
gptkbp:bfsParent |
gptkb:CWE-352
|
gptkbp:bfsLayer |
6
|